package com.min.main.config.perms;

import cn.hutool.core.util.StrUtil;
import cn.hutool.http.HttpStatus;
import cn.hutool.json.JSONUtil;
import com.min.common.constant.TokenConst;
import com.min.common.entity.R;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
import org.springframework.web.bind.annotation.RequestMethod;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Slf4j
public class MinFilter extends AuthenticatingFilter {

    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
        if (((HttpServletRequest) request).getMethod().equals(RequestMethod.OPTIONS.name())) {
            return true;
        }
        return false;
    }

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        if (StrUtil.isBlank(getToken(request))) {
            responseResult(response, R.error(HttpStatus.HTTP_UNAUTHORIZED, "token未找到"));
            return false;
        }
        return executeLogin(request, response);
    }

    @Override
    protected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        String token = getToken(servletRequest);

        if (StrUtil.isBlank(token)) {
            return null;
        }

        return new MinToken(token);
    }

    @Override
    protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {

        try {
            responseResult(response, R.error(HttpStatus.HTTP_UNAUTHORIZED, e.getMessage()));
        } catch (IOException ee) {
            ee.printStackTrace();
        }

        return false;
    }


    /**
     * 从 request header 中拿到 token
     * @param httpRequest:
     * @return: java.lang.String
     * @author: fengt
     * @date: 2021/4/9 17:04
     **/
    private String getToken(ServletRequest httpRequest) {
        String token = ((HttpServletRequest)httpRequest).getHeader(TokenConst.KEY);
        if (StrUtil.isBlank(token)) {
            token = httpRequest.getParameter(TokenConst.KEY);
        }
        return token;
    }

    /**
     * response 返回json结果
     * @param response HttpServletResponse对象
     * @param r R结果对象
     * @return: void
     * @author: fengt
     * @date: 2021/4/9 17:50
     **/
    private void responseResult(ServletResponse response, R r) throws IOException {
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        httpResponse.setContentType("application/json;charset=utf-8");
        String json = JSONUtil.toJsonStr(r);
        httpResponse.getWriter().print(json);
    }

}
